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REMARKS 

Claims 1 -37 were pending in the present applicatioa Claims 1.-37 were rejected. 
Claims 6-9, 13-17, 24-28, 34, and 36 have been canceled; and claims 1, 3, 5, 10-12, IS- 
20, 22, 29-33, 35 and 37 have been amended. Reconsideration of the claims is 
respectfully requested. 

Independent claim 1 has been amended to clarify the subject matter which 
applicant regards as the invention. Particularly^ claim 1 has been amended to clarify that 
the receiving^ performing, adding, and sending steps are performed by a first security 
server among a plurality of security servers. Additionally, claim 1 has been amended to 
recite the limitation that the modified request is presented to a plurality of components of 
the web application server wherein each of the plurality of components correspond with 
one of a plurality of security servers and tliat validation of the modified request is 
performed by the component that corresponds with the security server that received the 
original request from the user. (See Page 14, Line 27-Page 15, Line 1; Page 1 5^ Lines 
23-27, Page 17, Lines 7-10, Page 20, Lines 8-20). No new matter has been introduced by 
the amendment to claim 1. Additionally, independent claims 18, 19, 24, 29, and 37 have 
been amended to clarify the subject matter which Applicant regards as the invention. 
Claims 18, 19, 24, 29, and 37 have been amended to include features similar to that of 
claim 1. No new matter has been introduced by the amendments to claims 18, 19, 24 29, 
and 37. 

L Claim Objections 

Claim 1 8 was objected to because of an informality. Claim 18 has been amended 
to recite "present" rather than "represent" as suggested by the examiner. Withdrawal pf 
the objection to claim 1 8 is thus requested. 

Claim 19 was objected to because of an informality. Claim 19 has been amended 
to recite "adds" rather than "add" as suggested by the examiner. Withdrawal of the 
objection to claim 19 is thus requested. 

Claim 29 was objected to because of an informality. Claim 29 has been amended 
to recite "present" rather than *Vepresent" as suggested by the examiner. Withdrawal of 
the objection to claim 29 is thus requested. 
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Claim 37 w£is objected to because of an inforaiaJity. Claim 37 has been amended 
to recite '^present" rather than "represent" as suggested by the examiner. Withdrawal of 
the objection to claim 37 is thus requested, 

n. 35 U-S>C, S 112, Claim Rejections 

Claim 5 has been rejected uidder 35 U.S.C. 1 12, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter 
which applicant regards as the invention. The bmitation of "flie data processing system" 
has been amended to recite "the first security server" to clarify the element that is 
identified by the information. Withdrawal of tlie rejection of claim 5 under 35 U.S.C § 
1 12 is respectfully requested- 

Claims 6-12 have been rejected under 35 U.S.C, 1 12, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter 
which applicant regards as the invention. Claims 6-9 have been cancelled. Claims 10-12 
have been amended to distinctly claim the subject matter which applicant regards as the 
invention* Particularly, claim 10 has been amended to depend from claim 4 and recite the 
limitation that the user identification is a user name and password (See Page 20, lines 13- 
15). Claim 1 1 has been amended to depend from claim 1 and recite the limitation that the 
validating step comprises determining tliat a value of the information added to the request 
is an expected value located in a data structure (Page 20, Lines 15-20). Claim 12 has 
been amended to depend from claim 1 and to recite the limitation that each of the 
plurality of components respectively comprises an interceptor (Page 17, Lines 7-10). No 
new matter has been added by the amendments to claims 10-1.2. The amendments to 
claims 10-12 point out and distinctly claims tlie subject matter which applicant regards as 
the invention. Accordingly^ withdrawal of the rejection of clairas 10-12 under 35 U.S.C 
1 1 2, second paragraph, is respectfully requested. 

Claim 1 8 has been rejected under 35 U.S.C. 1 1 2, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter 
which apphcant regards as the invention. Claim 18 has been amended to recite the 
limitation that the request is received by the claimed data processing system from a 
security server. For example, the data processing system may be implemented as a web 
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application server that receives a modified request from a security server implemented as 
a reverse proxy security server (See Page 14, Line 27- Page 15, Line L) Additionally, 
claim 18 has been amended to include the limitation that the data processing system that 
receives the modified request submits the modified request to a plurality of components 
that each corresponds to a respective security server (See Page 15, Lines 23-27; and Page 
17, Lines 7-10). Additionally, claim 18 has been amended to clarify that the steps of 
determining and processing are performed by the processing unit. No new matter has 
been added by the amendment to claim 18. The amendment to claim 18 points out and 
distinctly claims the subject matter which applicant regards as the invention. 
Accordingly, withdrawal of the rejection of claim 18 under 35 U.S.C. 112, second 
paragraph, is respectfully requested. 

Claims 29-35 have been rejected under 35 U.S.C. 1 12, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter 
which applicant regards as the invention. Claim 29 has been amended to recite the 
limitation that the request is received from a security server that is one of a plurality of 
security servers. For example, the data processing system to which claim 29 is directed 
may be implemented as a web application server that receives modified requests from a 
plurality of security servers (See Page 14, Line 2(5-Page 15, Line 1; Page 1.5, Line 21 -27; 
Page 17, Lines 7-10; and Page 20, Lines 8-20). No new matter has been introduced by 
the amendment to claim 29. Claim 30 has been amended to better clarify the subject 
matter which applicant regards as the invention and to properly depend from amended 
claim 29. Claim 3 1 has been amended to clarify that the reverse proxy server is the first 
security server recited in amended claim 29. Claim 32 has been amended to clarify that 
the information is an identification of the first security server (See Page 19, Lines 1-7). 
Claim 33 has been amended clarify that the information is a user name and password of a 
user of the client (See Page 19, Lines 1 -7). Claim 34 has been cancelled. Claim 35 has 
been amended to properly depend from amended claim 29 and to clarify and distinctly 
claim the subject matter with applicant regards as tlie invention. No new matter has been 
introduced by the amendments to claims 29-33 and 35. Accordingly, withdrawal of the 
rejection of claims 29-33 and 35 under 35 U.S-C. 112, second paragraph, is respectflilly 
requested. 
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III. 35 U,S.C. S 1 02. Anticipation 

The Office Action has rejected claims l-l 4, 1 7-19 and 21-37 under 35 U.S.C § 
102(e) as being anticipated by Abdelnur et ah (US 6,212,640 Bl) (hereinafter Abdelniir). 
This rejection is respectfully traversed. 

With regard to claim 1, the Office Action states the following: 

As for claim 1, Abdehiur discloses a method in a data processing system 
for authenticating a request, the method comprising: 

receiving a request from a client (step 510, Fig. 5; col. 10, lines 56-59, "At 
step 5t0...by client 430."); 

performing authentication of the request (step 610, Fig. 6; coL 1 1, lines 
47-52, "At step 61 ©...application, for example"); 

adding information to the request to form a modified request, wherein the 
information indicates that the request is from a trusted source (col, 12, lines 7-19, 
"Tn one or more... submitting false credentials."); and 

sending the modiiied request to a server (step 620, Fig. 6; col. 11, lines 57- 
63, "However, if the authorization.,, access its resources."). 
Office Action dated 4/19/2004, pages 6-7. 

With respect to this rejection, a prior art reference anticipates the claimed 

mvention under 35 U.S.C. § 102 only tf every element of a claimed invention is 

identically shown in that single reference, arranged as they are in the claims. Tn re Bond, 

910F.2d 831, 832, 15 U.S.P.Q.2d 1566, 1567 (Fed. Cir. 1990). All limitations of the 

claimed invention must be considered when determining patentability. In re Lowry, 32 

F.3d 1579, 1582, 32 U.S.P.Q.2d 1031, 1034 (Fed. Cir. 1994). Anticipation focuses on 

whether a claim reads on the product or process a prior art reference discloses, not on 

what the reference broadly teaches. Kalman v, Kimberly-Clark Corp., 713 F,2d 760, 218, 

U.S,P.Q. 781 (Fed. Cir. 1983). In this particular case, each and every feature of the 

presently claimed invention is not identically shown in Abdelnur, arranged as they are in 

the claims. 

For example, amended claim 1 recites the following: 

1 . A method in a data processing system for authenticating a request, 
the method comprising; 

receiving, by a fust security server of a plurality of security servers, a 
request from a client; 

performing autlientication of the request by the first security server; 
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adding, by the first secujity server, information to tlie request to fomi a 
modiiied request, wherein the infoiTOatioD indicates that the request is from a 
trusted source; 

sending, by the first security server, the modiiied request to a web 
application server; 

presenting the modified request to each of a pluraUty of components of the 
web application server, wherein each of the plurality of components correspond 
with a respective one of the plurality of security servers; and 

vaHdating, by a one of the plurality of components that corresponds with 
the first security server, the modified request. 

As described in the present application and as claimed by amended independent 
claim 1, a plurality of trust association interceptors implemented as components within a 
web application server are presented with the modified request. Each component 
corresponds with a different security server type. (See Page 15> Lines 23-27; Page 17^ 
Lines 7-10 and Lines 23-24; and Page ) 8, Lines 4-7; and Page 19, Lines 27-28). One of 
the plurality of components validates the modified request (Page 15, Line 27-Pagc 16, 
Line 1), for example by requiring a user name representing the proxy server to be 
included in the modified request. Thus, a one of the plurality of components validates 
trust with the security server that received and modified the request Irom the client For 
example. Figure 3 shows the following: 
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As can be seen, a web server application includes a plurality of components (trust 
association interceptors 312, 314, and 316) that, together with a security collaborator of 
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the web application server, receive a request from the web application server that has 
been modified by a security server (reverse proxy security server 302). Each component 
(interceptor) corresponds to one of a plurality of security servers and facilitates trust 
validation with the corresponding security server. The set of components thereby 
facilitates trust validation among a set of security servers for supporting different security 
restrictions to a resource, 

Abdelnur neither teaches or suggests a method that facilitates a backend server, 
e.g.j a web application server, to support multiple reverse proxy security servers that may 
feature different security restrictions. Particularly, Abdelnur neither teaches or suggests a 
system or method having a "plurality of components" that each "correspond with a 
respective one of a "plurality of security servers." Thus, Abdelnur fails to teach or 
suggest a system or method for validating "by a one of the plurality of components that 
corresponds with the" securit-y server that received a request from a client. 

Abdelnur explicitly describes a system for allowing applications "retrieved from 
one network server" {emphasis added) to access "resources available on other servers on 
the network" (Column 9, Lines 50-53). That is, Abdelnur provides a mechaDism tli^t 
facilitates access to multiple servers with which the client i$ unable to directly 
authenticate. For example, Abdelnur states the following: 

Embodiments of the invention provide an cnviromnent in which an 
application can indirectly access services or resources available on servers that it 
cannot directly authenticate against. Column 10, Lines 24-27 

In addition to resources available on web server 480, application 410 may 
also need to access resources available on other servers on network 450, such as 
server 460. Column 10, Lines 41-43. 

Thu$> Abdelnur provides a mechanism that facilitates client access of multiple servers via 
a single web server, while the subject application facilitates access of clients to a resource 
via multiple security servers such that multiple security restrictions may be deployed. 

Amended independent claims 18, 19, 29, and 37 recite similar features as claim 1 , 
Therefore, the same distinctions between Abdehiur and the claimed invention ia claim 1 
apply for these claims. For the reasons described above, Abdelnur does not contain all 
Clements of independent claims 1. 18, 19, 29, and 37. Hence, Abdelnur fails to anticipate 
the present invention as recited in claims 1 J. 8, 19, 29, and 37. Since claims 2-5 and 1 0- 
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12 depend from claim 1, claims 21-23 depend from claim 19, and claims 30-33 depend 
from claim 29, the same distinctions between Abdelnur and the claimed invention in 
independent claims 1, 18. 19, 29, and 37 apply for these claims. Additionally, claims 2-5, 
10-12, 21-23, and 30-33 claim other additional combinations of features not suggested by 
the reference. Consequentlyj it is respectfully urged that the rejection of claims ^ 1 -5, 1 0- 
12, 18-19, 21-23, 29-33, and 37 under 35 US.C § 102(e) as being anlicipated by 
Abdelnur has been overcome, and such a notice is respectfully requested. 

IV- 35 U-S,C. S 103, Obviousness 

The Office Action has rejected claim 20 under 35 U.S.C § 1 03(a) as being 

unpatentable over Abdelnur. This rejection is respectfully traversed. 

With respect to claim 20, the Office Action states the following: 

Abdelnur does not explicitly disclose a third sever for pcrfonning 
essentially the same functions as the first server. However, Abdelnur clearly 
discloses tlie invention in the context of a network environment such as the 
internet coupled with a LANAVAN, the network comprising multiple servers, 
client, back-end resources, etc. (see col. 1, lines 26-55, "In computer 
networks,., via the Intcmet"; col. 8, lines 28-62, "A method and apparatus... tlie 
requesting application."). Therefore, Abdelnur clearly anticipates the use of 
additional servers, including a third server, as recited in cl^ibyx 20. It would have 
been obvious to one of ordijiaiy skill in the art at the time of the invention to 
modify Abdelnur by adding a third server, wherein the third server receives 
requests from clients to access a resource, perfonns an authentication process with 
the clients, add information to the requests in which the information indicates tliat 
the requests are from a trusted source to form modified requests, and sends the 
modified requests to the second server for processing, because this would provide 
additional network resources for processing requests. 
Office Action dated 4/19/2004, Paigel6-17. 

Applicant respectfully disagrees. As noted above, Abdekiur describes only a 

technique that facilitates access to multiple servers with which a client is unable to 

directly authenticate. Abdelnur is wholly silent with regard to a mechanism for 

validating trust with a resource and multiple security servers such that different security 

restrictions are placed on the resource dependent on the security server through which 

client access requests are passed. Moreover, if an independent claim is non-obvious under 

35 U.S.C. 103, then any claim depending therefrom is non-obvious. In re Fine, 837 F-2d 

1071, 5 USPQ2d 1596 (Fed. Cir. 1988). Thus, claim 20 is non-obvious as Applicants 
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have already demonstrated claim 19 to be in condition for allowance. Applicants 
respectfiiUy submit that claim 20 is also allowable, at least by virtue of the dependence of 
claim 20 on an allowable base claim, and such a notice is respectfully requested. 

V- Conclusion 

It is respectfully urged that the subject application is patentable over Abdelnur 
and is now in. condition for allowance. 

The examiner is invited to call the undersigned at the below-listed telephone 
number if in the opinion of the examiner such a telephone conference would expedite or 
aid the prosecution and examination of this application. 



DATE: 




Reg. No. 45,999 

Yee & Associates, P.C. 



P.O. Box 802333 
Dallas, TX 75380 
(972) 367-2001 



Agent for Applicants 
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